Disabling password authentication by default?

A recent discussion in ubuntu-devel-discuss turned to the question of whether password authentication should be enabled in the default configuration. The case against doing so is that brute-forcing SSH passwords is becoming a common way of attacking a system. This is backed up with actual evidence, available at: http://monitor.sclab.clarkson.edu/thesis.doc

Would you consider disabling password authentication in the default configuration, and if not, to what degree can we rely on OpenSSH not to disable passwords in the foreseeable future, when developing solutions based on SSH?
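The question above turns on what "the default configuration" actually permits. The following is an added example, not code from the thread or from OpenSSH: it reads an `sshd_config` text and reports whether password logins are still possible, applying the rules from sshd_config(5) that matter here: a keyword that is absent (or only present commented out) takes its compiled-in default, which for `PasswordAuthentication` is `yes`; the first occurrence of a keyword wins; and lines after a `Match` header apply only to matching connections. It also covers the caveat a practitioner hits on Ubuntu: with `UsePAM yes`, PAM can still prompt for a password through the keyboard-interactive method unless `KbdInteractiveAuthentication` (older name: `ChallengeResponseAuthentication`) is also set to `no`. Both sample configs are constructed for the example and are not Ubuntu's shipped file.

```python
"""Decide whether an sshd_config still allows password logins (added example)."""
import re

# Compiled-in defaults from sshd_config(5) for the keywords we care about.
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "usepam": "no",
}

# ChallengeResponseAuthentication is the old name for the same setting.
KEY_ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

# Constructed sample: PasswordAuthentication only appears commented out,
# so the compiled-in default ("yes") applies.
DEFAULT_STYLE_CONFIG = """\
# Package generated configuration file (constructed for this example)
Port 22
#PasswordAuthentication yes
UsePAM yes
Subsystem sftp /usr/lib/openssh/sftp-server
"""

# Constructed sample: keys only, with the PAM keyboard-interactive path closed too.
HARDENED_CONFIG = """\
Port 22
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
UsePAM yes
"""


def global_settings(config_text):
    """Return {keyword: value} for the global section of an sshd_config.

    Comments and blank lines are skipped, keywords are case-insensitive and
    may be written "Keyword value" or "Keyword=value", the FIRST value for a
    keyword wins, and parsing stops at the first Match block because those
    lines do not apply to every connection.
    """
    settings = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"([A-Za-z]+)\s*=?\s*(.*)", line)
        if not m:
            continue
        key = m.group(1).lower()
        key = KEY_ALIASES.get(key, key)
        if key == "match":
            break
        settings.setdefault(key, m.group(2).strip())  # first occurrence wins
    return settings


def setting(config_text, key):
    """Effective global value of `key`, falling back to the compiled-in default."""
    key = KEY_ALIASES.get(key.lower(), key.lower())
    return global_settings(config_text).get(key, DEFAULTS.get(key, "")).lower()


def password_auth_enabled(config_text):
    """True if the 'password' authentication method is on."""
    return setting(config_text, "PasswordAuthentication") == "yes"


def password_prompts_possible(config_text):
    """True if sshd may still ask for a password by any route: the password
    method itself, or PAM's keyboard-interactive method when UsePAM is on."""
    if password_auth_enabled(config_text):
        return True
    if setting(config_text, "UsePAM") != "yes":
        return False
    return setting(config_text, "KbdInteractiveAuthentication") == "yes"


if __name__ == "__main__":
    for name, cfg in (("default-style", DEFAULT_STYLE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, "PasswordAuthentication:", password_auth_enabled(cfg),
              "any password prompt:", password_prompts_possible(cfg))
```

The second function is the one worth running against a real file: a config that says `PasswordAuthentication no` but leaves `UsePAM yes` and the keyboard-interactive keyword at its default still lets a client be prompted for a password, so a brute-forcer is not shut out by the first line alone.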

I am myself using the package denyhosts, which blacklists an IP after a given number of failed SSH logins. Pretty useful. It is enough for me, and avoids my logs being flooded with "root" or "john" failed logins :-)

With respect, the problem isn't whether SSH can be made secure, but whether it's secure out of the box. As Ubuntu rises in popularity, it's increasingly important to have idiot-proof default settings.

I've only looked briefly at denyhosts*, but it looks like a fine solution for people who don't mind a little administrative overhead. As the above paper discusses, attackers are quite happy to spread a brute force attempt out over days or weeks, so denyhosts-type solutions are only effective if they block addresses permanently. That's fine for users who deliberately install the package, but we'd have all the same problems that spam blacklists have if we installed it by default.

* I'm still holding out for iptables supporting the TARPIT target in the mainline kernel >:)
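To make the two positions above concrete (the denyhosts-style "block after N failures" rule from the earlier reply, and the objection that a slow attacker spreads attempts out over days), here is an added example that is not part of the thread and not denyhosts' code. It parses constructed `auth.log`-style lines of the form sshd actually writes for failed password and keyboard-interactive attempts, then applies two rules: a sliding-window count in which old failures expire, and a never-expiring total. The log lines, host name, addresses and the assumed log year are all made up for the example.

```python
"""Windowed vs. permanent failed-login counting over sshd log lines (added example)."""
import re
from collections import defaultdict
from datetime import datetime

# Matches the two failure lines sshd emits for password-style methods.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed (?:password|keyboard-interactive/pam) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+")

# Constructed sample log: one fast attacker (5 failures in 10 seconds),
# one slow attacker (5 failures spread over 9 days), one user with a typo.
SAMPLE_LOG = """\
Mar  1 23:50:10 host sshd[900]: Failed password for root from 203.0.113.5 port 51002 ssh2
Mar  3 02:14:01 host sshd[1201]: Failed password for root from 198.51.100.7 port 40122 ssh2
Mar  3 02:14:03 host sshd[1201]: Failed password for root from 198.51.100.7 port 40123 ssh2
Mar  3 02:14:05 host sshd[1203]: Failed password for invalid user john from 198.51.100.7 port 40124 ssh2
Mar  3 02:14:08 host sshd[1203]: Failed password for invalid user admin from 198.51.100.7 port 40125 ssh2
Mar  3 02:14:10 host sshd[1204]: Failed keyboard-interactive/pam for invalid user test from 198.51.100.7 port 40126 ssh2
Mar  3 23:51:44 host sshd[1310]: Failed password for invalid user john from 203.0.113.5 port 51017 ssh2
Mar  4 09:12:44 host sshd[1402]: Failed password for alice from 192.0.2.10 port 50011 ssh2
Mar  4 09:12:52 host sshd[1402]: Accepted publickey for alice from 192.0.2.10 port 50011 ssh2
Mar  5 23:52:17 host sshd[1510]: Failed password for invalid user admin from 203.0.113.5 port 51033 ssh2
Mar  7 23:50:59 host sshd[1700]: Failed keyboard-interactive/pam for invalid user test from 203.0.113.5 port 51048 ssh2
Mar  9 23:53:30 host sshd[1902]: Failed password for root from 203.0.113.5 port 51061 ssh2
""".splitlines()


def parse_failures(lines, year=2007):
    """Yield (timestamp, ip, user) for each failed-login line.

    syslog timestamps carry no year, so one is assumed (argument).
    """
    for line in lines:
        m = FAILED_RE.match(line)
        if not m:
            continue
        stamp = " ".join(m["ts"].split())  # collapse the padded day ("Mar  3")
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        yield ts, m["ip"], m["user"]


def blocked_by_window(failures, threshold, window_seconds):
    """denyhosts-style rule: block an IP once it reaches `threshold`
    failures inside any span of `window_seconds`; older failures expire."""
    recent = defaultdict(list)
    blocked = set()
    for ts, ip, _ in sorted(failures):
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_seconds:
            q.pop(0)
        if len(q) >= threshold:
            blocked.add(ip)
    return blocked


def blocked_permanently(failures, threshold):
    """Never-expiring rule: total failures per IP, however spread out."""
    totals = defaultdict(int)
    for _, ip, _ in failures:
        totals[ip] += 1
    return {ip for ip, n in totals.items() if n >= threshold}


def analyse(lines, threshold=5, window_seconds=3600):
    """Run both rules over the log and return which addresses each would block."""
    failures = list(parse_failures(lines))
    return {
        "windowed": blocked_by_window(failures, threshold, window_seconds),
        "permanent": blocked_permanently(failures, threshold),
    }


if __name__ == "__main__":
    for rule, ips in analyse(SAMPLE_LOG).items():
        print(f"{rule:9} blocks: {sorted(ips)}")
```

With a one-hour window and a threshold of five, only the fast attacker is blocked; the slow one never has more than one failure in any window and is caught only by the permanent total. That is the trade-off the reply above describes: the permanent rule catches the slow scan, at the cost of never forgetting an address, which is why it is a choice for the administrator rather than a safe default.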